CVE-2022-49738 f2fs: fix to do sanity check on i_extra_isize in is_alive()

🗓️ 27 Mar 2025 16:42:50Reported by LinuxType

Fixed sanity check issue in f2fs is_alive() to prevent slab-out-of-bounds vulnerability.

Reporter	Title	Published	Views	Family All 22
AstraLinux	Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15	3 May 202623:59	–	astralinux
BDU FSTEC	The vulnerability of the f2fs component of the Linux operating system’s kernel, which allows a hacker to cause a service failure	3 Jun 202500:00	–	bdu_fstec
CNNVD	Linux kernel 安全漏洞	27 Mar 202500:00	–	cnnvd
CVE	CVE-2022-49738	27 Mar 202516:42	–	cve
Debian CVE	CVE-2022-49738	27 Mar 202516:42	–	debiancve
EUVD	EUVD-2022-55185	3 Oct 202520:07	–	euvd
NVD	CVE-2022-49738	27 Mar 202517:15	–	nvd
OSV	CLSA-2025-1747430034 Fix of 54 CVEs	16 May 202521:13	–	osv
OSV	CLSA-2025-1747430081 Fix of 50 CVEs	16 May 202521:14	–	osv
OSV	CVE-2022-49738 f2fs: fix to do sanity check on i_extra_isize in is_alive()	27 Mar 202516:42	–	osv

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/f2fs/gc.c"
    ],
    "versions": [
      {
        "version": "98e4da8ca301e062d79ae168c67e56f3c3de3ce4",
        "lessThan": "e5142a4935c1f15841d06047b8130078fc4d7b8f",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "98e4da8ca301e062d79ae168c67e56f3c3de3ce4",
        "lessThan": "914e38f02a490dafd980ff0f39cccedc074deb29",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "98e4da8ca301e062d79ae168c67e56f3c3de3ce4",
        "lessThan": "97ccfffcc061e54ce87e4a51a40e2e9cb0b7076a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "98e4da8ca301e062d79ae168c67e56f3c3de3ce4",
        "lessThan": "5b25035fb888cb2f78bf0b9c9f95b1dc54480d36",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "98e4da8ca301e062d79ae168c67e56f3c3de3ce4",
        "lessThan": "d3b7b4afd6b2c344eabf9cc26b8bfa903c164c7c",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/f2fs/gc.c"
    ],
    "versions": [
      {
        "version": "3.8",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "3.8",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.4.232",
        "lessThanOrEqual": "5.4.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.10.168",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.93",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.11",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.2",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/97ccfffcc061e54ce87e4a51a40e2e9cb0b7076a
git	www.git.kernel.org/stable/c/5b25035fb888cb2f78bf0b9c9f95b1dc54480d36
git	www.git.kernel.org/stable/c/e5142a4935c1f15841d06047b8130078fc4d7b8f
git	www.git.kernel.org/stable/c/914e38f02a490dafd980ff0f39cccedc074deb29
git	www.git.kernel.org/stable/c/d3b7b4afd6b2c344eabf9cc26b8bfa903c164c7c

11 May 2026 19:05Current

EPSS0.0017